Security Projects - Page 42.25
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Google this week has announced the release of KataOS as their newest operating system effort focused on embedded devices running ambient machine learning workloads. KataOS is security-minded, exclusively uses the Rust programming language, and is built atop the seL4 microkernel as its foundation.
In addition to MGLRU and Maple Tree having been merged overnight, Linus Torvalds also picked up the x86/mm changes for Linux 6.1 that will now by default warn about W+X mappings.
If the next version of the Linux kernel emerges a little slower than usual, blame a dodgy DIMM in Linus Torvalds's AMD Threadripper-powered PC and the vagaries of the memory market.
Fwupd 1.8.6 is out as the newest stable release of this open-source firmware updating tool most notably used by Linux systems but also supported on various BSDs and even Windows.
Linux 6.0 comes with many notable hardware support additions and other improvements, here is a reminder of all what is great about this imminent kernel release.
It's been two weeks since the release of LLVM 15.0 and its sub-projects like Clang 15.0 so per their rapid release rhythm, LLVM 15.0.1 is out with the initial batch of fixes.
At the Kernel Maintainers Summit, the question wasn't, "Would Rust make it into Linux?" Instead, it was, "What to do about its compilers?"
A few years ago developers knew eBPF as a handy way to build firewalls yet now it's used everywhere for everything. Get ready for io_uring to do the same.
The GCC compiler and related GNU toolchain infrastructure has long been hosted by Sourceware.org that has been sponsored by Red Hat the past two decades. But now the GNU Toolchain Infrastructure (GTI) project is being established as it works to leverage the Linux Foundation's IT services to provide more robust and secure infrastructure for these critical open-source projects.
Wolfi is a Linux undistro that focuses on resolving security issues with the software supply chain. Explore more here.
Open-source security has been high on the agenda this year, with a number of initiatives, projects, and guidance launched in 2022 to help improve the cyber resiliency of open-source code, software and development.
Following the July disclosure of the Retbleed CPU security vulnerability affecting older processors and an AMD change made in August, here is a fresh look at the performance impact of the Retbleed mitigations on Linux, including if opting for the IBPB-based Retbleed mitigation, and the accumulated CPU security mitigation impact for Zen 2 with the flagship Ryzen 9 3950X processor.
A change queued up as part of the "x86/mm" TIP changes expected to land for Linux 6.1 will now have the default kernel configuration warn at kernel boot time around any W+X mappings that pose a security risk.
SOS.dev initiative will combat software supply chain attacks by encouraging researchers to suggest security improvements to key projects.
'Experimental mitigations' in a custom kernel could make life harder for hackers.
Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows.
Another big ticket feature has made it for the Linux 6.0 kernel: the Runtime Verification infrastructure for running Linux on safety-critical systems.
Emmabuntüs 1.02 is here almost seven months after Emmabuntüs 1.01 and it’s based on the Debian GNU/Linux 11.4 “Bullseye” release that arrived last month with 79 security updates and 81 miscellaneous bug fixes.
Linus Torvalds has announced the release and general availability of the Linux 5.19 kernel series as a major branch that brings more new features, improved hardware support, and lots of bug and security fixes.
Everyone knows the phrase “software is eating the world” by Marc Andreessen from over a decade ago. Software powers and touches nearly every aspect of modern society, both personally and professionally, and is critical to the modern economy and national security.